General
-
Target
ad73f8e5e589a55e5e7f61904350f40dccd7a9e31a2a3c87d148d442c2adeccc
-
Size
395KB
-
Sample
240426-ak16ragd4w
-
MD5
6cdeb54bee9bb79a14676d7f576c514a
-
SHA1
6c5c9d331270653ee45d085c528ede5c6de2fe0b
-
SHA256
ad73f8e5e589a55e5e7f61904350f40dccd7a9e31a2a3c87d148d442c2adeccc
-
SHA512
64395927ceb95d9893f273a333fe9b9a4a835772bcebafb7b2f78da4aa239af85cefdf8e8027f01004e2c501a7a5a58081d17d2aaff2fafe7e3a4b738b6c1e47
-
SSDEEP
6144:P29OmUzW8qsGKCjyUeQ3KSJJHr1kWhr12uKej6RCM+8RPF:P2R67JCeU13K8JH1ZFKej/81F
Static task
static1
Behavioral task
behavioral1
Sample
ad73f8e5e589a55e5e7f61904350f40dccd7a9e31a2a3c87d148d442c2adeccc.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Detect ZGRat V1
-
SectopRAT payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-